🚨 CISA KEV (1)
30 Apr | KEV | Copy Fail (CVE-2026-31431): Frequently asked questions about Linux kernel privilege escalation vulnerability | A flaw in the Linux kernel present since 2017 allows a local user to gain root access on virtually every major Linux distribution. A public exploit is available and reported to work reliably. Key Takeaways: CVE-2026-31431 is a high severity local privilege escalation vulnerability… | TENABLE.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES (32)
30 Apr | Linux Kernel 0-Day “Copy Fail” Grants Root Access Across Major Distros Since 2017 | Security researchers have disclosed a critical zero-day vulnerability in the Linux kernel dubbed “Copy Fail” (CVE-2026-31431), which allows unprivileged local users to gain root access. Using a tiny 732-byte Python script, attackers can exploit a logic flaw present in… | GBHACKERS.COM
30 Apr | ProFTPD SQL Injection Flaw Opens Door To Remote Code Execution Attacks | A newly disclosed flaw in ProFTPD is drawing urgent attention because it can let attackers move from a simple SQL injection bug to authentication bypass, privilege escalation, and in some environments even remote code execution. Tracked as CVE-2026-42167, the issue was found in P… | GBHACKERS.COM
30 Apr | CVE-2017-3731 Truncated packet could crash via OOB read | Information published. | MSRC.MICROSOFT.COM
30 Apr | CVE-2026-31546 net: bonding: fix NULL deref in bond_debug_rlb_hash_show | Information published. | MSRC.MICROSOFT.COM
30 Apr | CVE-2026-6357 pip self-update functionality can import newly installed modules after wheel installation | Information published. | MSRC.MICROSOFT.COM
30 Apr | CVE-2026-41603 Apache Thrift: Java TSSLTransportFactory hostname verification | Information published. | MSRC.MICROSOFT.COM
30 Apr | CVE-2026-41636 Apache Thrift: Node.js skip() recursion | Information published. | MSRC.MICROSOFT.COM
30 Apr | CVE-2026-34477 Apache Log4j Core: verifyHostName attribute silently ignored in TLS configuration, allowing hostname verification bypass | Information published. | MSRC.MICROSOFT.COM
30 Apr | CVE-2026-31429 net: skb: fix cross-cache free of KFENCE-allocated skb head | Information published. | MSRC.MICROSOFT.COM
30 Apr | CVE-2026-41305 PostCSS has XSS via Unescaped </style> in its CSS Stringify Output | Information published. | MSRC.MICROSOFT.COM
30 Apr | CVE-2026-3298 Out-of-bounds write in Windows asyncio.ProactorEventLoop.sock_recvfrom_into() when using nbytes | Information published. | MSRC.MICROSOFT.COM
30 Apr | CVE-2026-31508 net: openvswitch: Avoid releasing netdev before teardown completes | Information published. | MSRC.MICROSOFT.COM
30 Apr | CVE-2026-31540 drm/i915/gt: Check set_default_submission() before dereferencing | Information published. | MSRC.MICROSOFT.COM
30 Apr | CVE-2026-6238 Buffer overread in ns_printrrf with corrupted RDATA field | Information published. | MSRC.MICROSOFT.COM
30 Apr | CVE-2026-31499 Bluetooth: L2CAP: Fix deadlock in l2cap_conn_del() | Information published. | MSRC.MICROSOFT.COM
30 Apr | CVE-2025-48431 Apache Thrift: Specially crafted input can crash a c_glib Thrift server with invalid pointer error. | Information published. | MSRC.MICROSOFT.COM
30 Apr | CVE-2026-41602 Apache Thrift: Go TFramedTransport uint32 overflow | Information published. | MSRC.MICROSOFT.COM
30 Apr | CVE-2026-41604 Apache Thrift: Swift Range crash in skip() | Information published. | MSRC.MICROSOFT.COM
30 Apr | CVE-2026-41605 Apache Thrift: Swift Compact Protocol integer overflow | Information published. | MSRC.MICROSOFT.COM
30 Apr | CVE-2026-41606 Apache Thrift: c_glib dispatch stack overflow | Information published. | MSRC.MICROSOFT.COM
30 Apr | New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions | Cybersecurity researchers have disclosed details of a Linux local privilege escalation (LPE) flaw that could allow an unprivileged local user to obtain root. The high-severity vulnerability tracked as CVE-2026-31431 (CVSS score: 7.8) has been codenamed Copy Fail by Xint.io and Th… | THEHACKERNEWS.COM
30 Apr | KEV | Attackers Exploit cPanel Authentication Bypass 0-Day After PoC Release | A critical zero-day vulnerability, tracked as CVE-2026-41940, is currently being actively exploited across the web hosting industry. This CVSS 9.8 flaw allows unauthenticated remote attackers to bypass cPanel and WHM login mechanisms, granting them full administrative control ove… | GBHACKERS.COM
30 Apr | KEV | Critical cPanel zero-day auth bypass exploited since February | A critical authentication bypass vulnerability in cPanel & WHM is being actively exploited, allowing remote attackers to gain full administrative access to affected servers without credentials. The flaw, tracked as CVE-2026-41940, has received a near-maximum severity score a… | CYBERINSIDER.COM
30 Apr | PoC Disclosed for Critical Root ASUSTOR ADM RCE Flaw | A critical vulnerability, tracked as CVE-2026-6644, has been uncovered in ASUSTOR’s ADM (ASUSTOR Data Master) operating system. Specifically, the flaw exists within the PPTP VPN Client feature. Carrying a CVSS v4.0 score of 9.4, this OS command injection vulnerability allows an a… | GBHACKERS.COM
30 Apr | Nine-year-old Linux kernel flaw enables reliable local privilege escalation (CVE-2026-31431) | Security researchers at Theori have disclosed a high-severity local privilege escalation (LPE) vulnerability (CVE-2026-31431) in the Linux kernel. The flaw, nicknamed “Copy Fail”, has affected virtually every major Linux distribution shipped since 2017, and a working … | HELPNETSECURITY.COM
30 Apr | “Copy Fail” gives root access to all Linux systems via 732-byte exploit | A new Linux kernel vulnerability dubbed “Copy Fail” enables unprivileged users to gain root access across nearly all major distributions using a tiny, highly reliable exploit, affecting systems dating back to 2017. The flaw, tracked as CVE-2026-31431, was discovered by security r… | CYBERINSIDER.COM
30 Apr | cPanel zero-day exploited for months before patch release (CVE-2026-41940) | A critical authentication bypass vulnerability (CVE-2026-41940) in cPanel, a popular web-based control panel for managing web hosting accounts, is being exploited by attackers in the wild. What’s more, attackers didn’t have to wait for watchTowr security researchers t… | HELPNETSECURITY.COM
30 Apr | Copy Fail: New Linux bug enables Root via page‑cache corruption | Linux flaw CVE‑2026‑31431, ‘Copy Fail,’ lets any local user write four bytes into page cache files, enabling easy escalation to root on major distros. Xint Code researchers warn of a serious Linux flaw, tracked as CVE-2026-31431 (CVSS score of 7.8), dubbed Copy Fail. … | SECURITYAFFAIRS.COM
30 Apr | KEV | cPanel’s authentication bypass bug is being exploited in the wild, CISA warns | The agency added the flaw to the KEV list days after hosting providers confirmed active, ongoing attacks. | CYBERSCOOP.COM
⚠️ VULNERABILITY DISCLOSURE (28)
30 Apr | Amazon Layoffs Hit Thousands Across Multiple States as Fresh Stores Close | Amazon layoffs are hitting workers across several states as Fresh closures, AI investments, and post-pandemic restructuring reshape its workforce. | TECHREPUBLIC.COM
30 Apr | Microsoft Confirms Windows Flaw Is Being Exploited After Incomplete Patch | Microsoft confirmed a Windows zero-click flaw tied to an incomplete patch is being exploited, putting credentials at risk for unpatched users. | TECHREPUBLIC.COM
30 Apr | Researchers unearth industrial sabotage malware that predated Stuxnet by 5 years | Designed to cripple Iran’s nuclear enrichment program, the 2010 Stuxnet worm set a cybersecurity precedent as the first time a nation escalated its activities from strategic espionage to sabotage in cyberspace. Now, a new discovery suggests such operations were in full swing year… | CSOONLINE.COM
30 Apr | SonicWall SonicOS Flaw Lets Attackers Bypass Access Controls and Crash Firewalls | SonicWall has released a security advisory detailing three new vulnerabilities affecting its SonicOS software. Disclosed on April 29, 2026, under advisory ID SNWLID-2026-0004, these security flaws open the door for attackers to bypass access controls, manipulate restricted files,… | GBHACKERS.COM
30 Apr | A game of loans. | This week, while Maria is on vacation, Dave Bittner and Joe Carrigan are joined by Michele Kellerman as they discuss the latest in social eng… | THECYBERWIRE.COM
30 Apr | Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution | Google has addressed a maximum severity security flaw in Gemini CLI -- the "@google/gemini-cli" npm package and the "google-github-actions/run-gemini-cli" GitHub Actions workflow -- that could have allowed attackers to execute arbitrary commands on host systems. "The vulnerabilit… | THEHACKERNEWS.COM
30 Apr | KEV | Qinglong Task Scheduler RCE Flaws Exploited in the Wild | Hackers are actively exploiting two severe authentication bypass vulnerabilities in Qinglong, a popular open-source task scheduling platform. These flaws allow attackers to execute arbitrary code and deploy resource-draining cryptomining malware on vulnerable servers. Qinglong is… | GBHACKERS.COM
30 Apr | Jenkins Plugin Updates Fix Path Traversal and Stored XSS Bugs | The Jenkins project released a critical security advisory addressing seven vulnerabilities across multiple widely used plugins. The disclosed flaws include high-severity path traversal and stored cross-site scripting (XSS) vulnerabilities that could allow threat actors to execute… | GBHACKERS.COM
30 Apr | SAP npm package attack highlights risks in developer tools and CI/CD pipelines | A supply chain attack on SAP-related npm packages has put fresh scrutiny on the developer tools and build workflows that enterprises rely on to produce software. The campaign, referred to as “mini Shai-Hulud,” affected packages used in SAP’s JavaScript and cloud application devel… | CSOONLINE.COM
30 Apr | Stopping the quiet drift toward excessive agency with re-permissioning | In their infancy, LLM models were not difficult to contain. You gave a prompt; they responded, and if something was wrong it was usually “just text.” This could take the form of a summary that missed the best bits, a tone-deaf line or a wordy sentence. But then, agents were co-op… | CSOONLINE.COM
30 Apr | ODNI to CISOs on threat assessments: You’re on your own | Every year, CISOs, CSOs, and chief risk officers pore over the Office of the Director of National Intelligence (ODNI)’s Annual Threat Assessment (ATA) for insights on emerging threats they may soon face. This year, however, structural changes to the report itself underscore a fou… | CSOONLINE.COM
30 Apr | Max-severity RCE flaw found in Google Gemini CLI | Security researchers are warning about a max severity vulnerability in Google Gemini CLI that could allow remote code execution (RCE) in environments where the tool processes untrusted inputs. The issue was disclosed by Novee Security researchers and affects the @google/gemini-cl… | CSOONLINE.COM
30 Apr | New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials | Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities to establish persistent access and harvest a wide range of sensitive information from compromised hosts. "The intrusion chain begins with e… | THEHACKERNEWS.COM
30 Apr | Dismantle implicit trust in OT networks, CISA tells critical infrastructure operators | The US Cybersecurity and Infrastructure Security Agency (CISA) has asked owners and operators of operational technology to stop assuming their networks are safe, and has released joint guidance to adapt zero trust principles for industrial systems that support US power, water, tr… | CSOONLINE.COM
30 Apr | Cisco releases open-source toolkit for verifying AI model lineage | Enterprises pulling models from Hugging Face and other open repositories rarely keep records of how those models are altered after download, leaving organizations with little ability to confirm what they are running in production. The State of AI Security 2026 from Cisco places t… | HELPNETSECURITY.COM
30 Apr | Met Police face criticism for using AI to spy on their own officers | London police officers have been warned by the Metropolitan Police Federation to watch their backs after the force deployed controversial AI software to investigate misconduct. The staff association, representing more than 30,000 officers in London, reported it had not been infor… | HELPNETSECURITY.COM
30 Apr | Hackers arrested for stealing and reselling 600,000 Roblox accounts | Ukrainian police detained three suspects accused of hacking into Roblox accounts and reselling the data on Russian websites, with payments made in cryptocurrency. “Prosecutors of the Lviv region, togethe… | HELPNETSECURITY.COM
30 Apr | AI Is Scaling Cyber Attacks | A recent report details how attackers are using AI tools to automate reconnaissance, target selection, and vulnerability discovery during cyber attacks. This significantly lowers the cost and effort required to launch attacks while increasing their scale and effectiveness. As a r… | YOUTUBE.COM
30 Apr | Arbitrary code execution and Claude Code CLI: How Claude executed code before you click 'trust' | Submitted by codeinabox to security. https://www.sonarsource.com/blog/claude-arbitrary-code-execution | PROGRAMMING.DEV
30 Apr | "Copy Fail" flaw leads to privilege escalation on Linux. | US House votes to extend FISA Section 702, though Senate passage is unlikely. OpenSSH flaw can lead to root shell access. | THECYBERWIRE.COM
30 Apr | Agent’s claims on WhatsApp access spark security concerns | A US agent claimed WhatsApp encryption is fake and Meta can access messages; the probe was abruptly shut, raising security concerns. A US agent claimed WhatsApp encryption is fake, alleging Meta accesses all unencrypted messages, but Commerce Department abruptly shut the probe, l… | SECURITYAFFAIRS.COM
30 Apr | Hackers are actively exploiting a bug in cPanel, used by millions of websites | Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug for months. | TECHCRUNCH.COM
30 Apr | Bridging the gap: How to integrate Claude Security into the Tenable One Exposure Management Platform | Bridge the gap between AI-driven vulnerability discovery and prioritized remediation. Learn how to integrate Claude Security’s deep-logic analysis into Tenable One to unify your attack surface, eliminate noise, and focus on the risks that matter most. Key takeaways: As frontier AI… | TENABLE.COM
30 Apr | Another AI-Assisted Software Scan Yields 9-Year-Old Linux Bug | The proof-of-concept exploit code runs only 10 lines long, but luckily, a patch is already available. | DARKREADING.COM
30 Apr | FIRESTARTER - PSW #924 | This week in the security news: - Are you a FIRESTARTER? - Eavesdropping via fiber-optic cables - Copy Fail - more Linux LPE - Github RCE - Running Linux on a PS5 - BadUSB tricks - SilentGlass and HDMI threats - Sonicwall and vague details - Universities are for porn? - The Bansh… | YOUTUBE.COM
30 Apr | When Trusted Sites Turn Malicious | Attackers have long exploited trusted domains—like university websites—by injecting malicious code that redirects traffic or hosts spam content, leveraging the site’s reputation to boost visibility. This “reputation theft” not only helps attackers rank higher in search results, b… | YOUTUBE.COM
30 Apr | That AI Extension Helping You Write Emails? It’s Reading Them First | Unit 42 uncovers high-risk AI browser extensions. Disguised as productivity tools, they steal data, intercept prompts, and exfiltrate passwords. Protect your browser. | UNIT42.PALOALTONETWORKS.COM
30 Apr | Bank regulator sounds warning over cybersecurity threat posed by AI models | Frontier AI models inspired by Anthropic’s Claude Mythos could arm attackers with advanced capabilities that the banking sector is ill equipped to cope with, Australia’s financial regulator, the Australian Prudential Regulation Authority (APRA), has warned. In a letter addressed … | CSOONLINE.COM
📢 SECURITY ADVISORIES (4)
30 Apr | EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades | A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation specifically targets the high-privilege professional accounts of enterprise administrators, DevOps engineers, and security analysts by imper… | THEHACKERNEWS.COM
30 Apr | CISA and Partners Publish Zero Trust Guidance For OT Security | A new CISA‑led guide explains how zero‑trust security can be applied to operational technology, balancing cyber defence with safety and system availability | INFOSECURITY-MAGAZINE.COM
30 Apr | Zambia cancels global digital freedoms conference days before start | On Tuesday, Zambia’s Minister of Technology and Science offered the first hint that the conference would be cancelled, telling a Zambian news outlet that participants’ security clearances were incomplete and that the government has concerns about the conference’s “dialogue.” | THERECORD.MEDIA
30 Apr | Hackers earning millions from hijacked cargo, FBI says | In an advisory this week, FBI officials said cyber actors have spent the last two years breaking into the systems of brokers and carriers — allowing them to pose as victim companies and post fraudulent listings on freight delivery message boards. | THERECORD.MEDIA
🔥 INCIDENT REPORTING (12)
30 Apr | Compromised SAP npm Packages Found Harvesting Developer and CI/CD Secrets | Security researchers have identified a severe supply chain attack targeting the SAP developer ecosystem. A threat group identified as TeamPCP has compromised multiple legitimate SAP npm packages in a new campaign named Mini Shai Hulud. The operation relies on injecting malicious … | GBHACKERS.COM
30 Apr | Operation Winter SHIELD: What the FBI Wants Industry to Do Now | The FBI sees every breach. You see yours. Adam Maddock, Section Chief of the FBI's Cyber Technical Analytics and Operations Section, and Jarrod Schlenker, Assistant Section Chief leading the FBI Cyber Division's private-sector engagement, join David Moulton to walk through … | THECYBERWIRE.COM
30 Apr | Meta accused of violating DSA by failing to safeguard minors | The European Commission accuses Meta of failing to protect children, allowing users under 13 on Instagram and Facebook, in breach of the DSA rules. The European Commission has accused Meta of violating child safety rules. Instagram and Facebook allegedly failed to prevent childre… | SECURITYAFFAIRS.COM
30 Apr | Why Your Email Security Needs a Global Human Network to Close the Detection Gap | The biggest challenge in email security today isn’t just detecting a threat; it’s the speed of response across a global landscape. As we head into the second half of 2026, the stakes with speed have gotten higher. According to SQ Magazine, AI-generated phishing attempts are 68% h… | KNOWBE4.COM
30 Apr | Moldova’s health insurance agency reports possible data leak after cyberattack | The agency said the incident occurred several weeks ago and that technical assessments indicated a possible theft of limited information. | THERECORD.MEDIA
30 Apr | UK: Education Sector Faces Surge in Cyber Breaches Despite Stable National Threat Levels | The British public education sector has faced the nation’s most dramatic increase in cyber breach prevalence over the past year | INFOSECURITY-MAGAZINE.COM
30 Apr | Anti-DDoS Firm Heaped Attacks on Brazilian ISPs | A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm… | KREBSONSECURITY.COM
30 Apr | France investigates 15-year-old over alleged hack of national ID agency | The minor was taken into police custody on April 25 on suspicion of involvement in a data breach affecting the National Agency for Secure Documents (ANTS), which processes applications for passports, national identity cards, residence permits and driver’s licenses. | THERECORD.MEDIA
30 Apr | France arrests 15-year-old hacker who stole data of 11.7 million people | French authorities have detained a 15-year-old suspect in connection with the recent ANTS data breach, which exposed millions of sensitive user records on cybercrime forums. According to a statement published earlier today by Paris public prosecutor Laure Beccuau, the minor was t… | CYBERINSIDER.COM
30 Apr | PyTorch Lightning Compromised in PyPI Supply Chain Attack to Steal Credentials | In yet another software supply chain attack, threat actors have managed to compromise the popular Python package Lightning to push two malicious versions to conduct credential theft. According to Aikido Security, Socket, and StepSecurity, the two malicious versions are versions 2… | THEHACKERNEWS.COM
30 Apr | TeamPCP Hits SAP Packages With 'Mini Shai-Hulud' Attack | Several npm packages for SAP's cloud application development ecosystem have been compromised as TeamPCP's supply chain attacks broaden. | DARKREADING.COM
30 Apr | KEV | Former incident responders sentenced to 4 years in prison for committing ransomware attacks | Ryan Goldberg and Kevin Martin attacked five companies in 2023 and extorted nearly $1.3 million from one of their victims. | CYBERSCOOP.COM
🕵️ THREAT INTELLIGENCE (21)
30 Apr | Danger of Libredtail [Guest Diary], (Wed, Apr 29th) | [This is a Guest Diary by James Roberts, an ISC intern as part of the SANS.edu BACS program] | ISC.SANS.EDU
30 Apr | Tesla Optimus Robot Launch Timeline Targets 2027 Scale | Elon Musk says Tesla’s Optimus robot could launch next year, with production starting in 2026 and a major scale-up planned by 2027. | TECHREPUBLIC.COM
30 Apr | ISC Stormcast For Thursday, April 30th, 2026 https://isc.sans.edu/podcastdetail/9912, (Thu, Apr 30th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
30 Apr | Large-scale Roblox hacking operation shut down by Ukrainian authorities | Ukrainian police arrested three hackers who hijacked 610,000 Roblox accounts and sold them for $225,000 in profit. Police in Ukraine arrested three suspects accused of hacking over 610,000 Roblox accounts and selling them for about $225,000. Officers carried out multiple searches… | SECURITYAFFAIRS.COM
30 Apr | Backdoored WordPress Plugin Abuses Remote Update Checker for Silent Code Delivery | A long-dormant backdoor has been uncovered in the “Quick Page/Post Redirect Plugin,” a popular WordPress add-on with over 70,000 active installations. The tampered plugin, specifically version 5.2.3, contained two distinct malicious features. First, it featured a pass… | GBHACKERS.COM
30 Apr | Everyone’s building AI agents. Almost nobody’s ready for what they do to identity. | Anthropic recently announced that it would not release Mythos, its most powerful AI model, to the public. The model discovered thousands of previously unknown software vulnerabilities — flaws that had sat undetected in major operating systems and web browsers for as long as nearl… | CYBERSCOOP.COM
30 Apr | Fast16 Malware | Researchers have reverse-engineered a piece of malware named Fast16. It’s almost certainly state-sponsored, probably US in origin, and was deployed against Iran years before Stuxnet: “…the Fast16 malware was designed to carry out the most subtle form of sabotage… | SCHNEIER.COM
30 Apr | OpenAI Unveils Cyber Defense Roadmap Focused on AI-Powered Security | OpenAI has released a comprehensive cyber defense roadmap titled “Cybersecurity in the Intelligence Age” to responsibly equip defenders with AI-powered security tools faster than malicious actors can adapt. Spearheaded by Sasha Baker in April 2026, the action plan out… | GBHACKERS.COM
30 Apr | Microsoft PowerToys 0.99 Adds Multi-Monitor Tools for Windows Users | PowerToys 0.99 adds new monitor and window-management tools for Windows users, plus updates to Command Palette, Keyboard Manager, ZoomIt, and Image Resizer. | TECHREPUBLIC.COM
30 Apr | Release Notes: Expanded Threat Intelligence Access, AI Assisted Search 1,770 New Detections and More | April brought several updates across ANY.RUN’s Threat Intelligence and detection coverage. The biggest change is expanded access to Threat Intelligence: Free plan users now get 20 premium requests in TI Lookup and YARA Search. This gives security teams a practical way … | ANY.RUN
30 Apr | 5 Best Employer of Record Services in 2026 | There are no borders or boundaries when it comes to professional talent. With the right EOR, you can hire for quality, regardless of location. | TECHREPUBLIC.COM
30 Apr | Researchers develop tool to expose GPS signal spoofing in transit networks | The Oak Ridge National Laboratory (ORNL) has developed a portable detector that identifies GPS spoofing in real time, including during motion, to help protect transportation systems. Spoofing involves transmitting counterfeit signals that imitate authentic GPS transmissions and p… | HELPNETSECURITY.COM
30 Apr | Proxmox Backup Server 4.2 arrives with S3 storage support and parallel sync jobs | Proxmox Backup Server 4.2 is a maintenance and feature update built on Debian 13.4 “Trixie” that adds S3-compatible object storage as a supported backend and introduces parallel processing for sync jobs. The server ships the new version with Linux kernel 7.0 as the st… | HELPNETSECURITY.COM
30 Apr | Two new extortion crews are speedrunning the Scattered Spider playbook | CrowdStrike says The Com-affiliated threat groups are using voice phishing and fake SSO pages to break into SaaS environments and steal data fast for extortion. | CYBERSCOOP.COM
30 Apr | PwC partners with Google Cloud to take on the managed security market | The professional services firm is stepping up its managed security ambitions with a Google Cloud-powered service that leans on agentic AI. The target market is companies that have outgrown DIY security. | CYBERSECURITYDIVE.COM
30 Apr | SHARED INTEL Q&A: PKI’s unfinished business—’digital passports’ for content, models and agents | As if keeping track of machine identities wasn’t hard enough. AI agents are now arriving by the thousands — and most enterprises are just handing them borrowed credentials and hoping for the best. Meanwhile, the cryptographic infrastructure asked to absorb … | LASTWATCHDOG.COM
30 Apr | US agencies promote zero-trust practices for operational technology networks | Many zero-trust defenses work differently in industrial environments than in traditional business networks, five federal agencies said in newly published guidance. | CYBERSECURITYDIVE.COM
30 Apr | AWS Expands Amazon Connect Into AI Tools for Hiring, Healthcare, and Supply Chains | AWS expanded Amazon Connect into four agentic AI tools for supply chain, hiring, customer service, and healthcare workflows, with humans still in control. | TECHREPUBLIC.COM
30 Apr | Congress kicks the can down the road on surveillance law (again) | It’s the second extension of Section 702 of the Foreign Intelligence Surveillance Act in 10 days, and a regular ritual for the Hill. | CYBERSCOOP.COM
30 Apr | FCC tightens KYC rules for telecoms, closes loophole for banned foreign services | The commission wants telecoms to do more to verify their callers and prevent illegal calls and scams from reaching Americans. | CYBERSCOOP.COM
🌐 CYBER THREAT LANDSCAPE (6)
30 Apr | Silver Fox uses the new ABCDoor backdoor to target organizations in Russia and India | The Silver Fox group is targeting companies in Russia and India by impersonating tax authorities to distribute ValleyRAT and the new ABCDoor backdoor. | SECURELIST.COM
30 Apr | Cyber is the Number One Global “People Risk,” Says Marsh | Marsh’s 2026 People Risks survey finds cyber‑related challenges dominate, as cyber‑threat literacy tops risks and cyber and AI skills shortages rise | INFOSECURITY-MAGAZINE.COM
30 Apr | Exposed Data Illustrates the Nightmare Scenario for a Stalkerware Victim | Extremely sensitive personal data from a European celebrity that appears to have been compiled using spyware was publicly accessible until a researcher flagged the exposure. | WIRED.COM
30 Apr | ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories | The internet is noisy this week. We are seeing some wild new tactics, like people using fake cell towers to send scam texts, while some developers are accidentally downloading tools that peek into their private files during a simple install. It is definitely a busy time to be onl… | THEHACKERNEWS.COM
30 Apr | Deep#Door Python Backdoor Evades Detection On Windows | Deep#Door Python RAT uses tunneling and obfuscation to evade detection and steal credentials | INFOSECURITY-MAGAZINE.COM
30 Apr | Three Arrested for Hacking Over 610,000 Roblox Accounts | Suspects accused of distributing malware and selling access to stolen Roblox accounts on Russian marketplaces | INFOSECURITY-MAGAZINE.COM
📡 INFOSEC NEWS (17)
30 Apr | Claude Mythos Fears Startle Japan's Financial Services Sector | Global financial institutions are panicked over Anthropic's new superhacker AI model. Cyber experts aren't quite as worried. | DARKREADING.COM
30 Apr | All rise for the Chatrie. | This week, Dave and Ben sit down with N2K's Lead Analyst Ethan Cook to look at the Supreme Court's new case examining geofencing. In the conversation, the three break down the various stances the justices have already begun to take up and what the potential fallouts of this case… | THECYBERWIRE.COM
30 Apr | Iran-linked Handala hackers leak US Marines data, send chilling WhatsApp threats | US Marines stationed around the Persian Gulf have been receiving WhatsApp messages from strangers suggesting they call home and make their final goodbyes. Read more in my article on the Hot for Security blog. | BITDEFENDER.COM
30 Apr | Europol Busts Albanian Scam Call Centers in Major Online Fraud Case | European police arrested 10 suspects after dismantling Albanian scam call centers linked to a €50m ($58m) online investment fraud operation | INFOSECURITY-MAGAZINE.COM
30 Apr | Post-quantum encryption for Cloudflare IPsec is generally available | Cloudflare IPsec now has generally available support for post-quantum encryption via hybrid ML-KEM. We’ve confirmed interoperability with Cisco and Fortinet. | CLOUDFLARE.COM
30 Apr | Oracle Red Bull Racing Team Revs Up Automation to Boost Security | While drivers race to shave off seconds on the track, the team's IT and engineering staff are speeding up how they deliver security. | DARKREADING.COM
30 Apr | Dental practice software maker fixes bug that exposed patients’ medical records | The security bug is now fixed, but the patient who found it said it was challenging to alert the software company about the issue. | TECHCRUNCH.COM
30 Apr | Hackers stole hundreds of thousands of Roblox accounts: Here’s what to do | Hackers used fake Roblox “game enhancements” to steal login details from hundreds of thousands of players, then sold the accounts for profit. | MALWAREBYTES.COM
30 Apr | Trump’s cyber ambassador nominee advances to full Senate vote | Adam Cassady, who was nominated last month to helm the State Department’s Bureau of Cyberspace and Digital Policy, was approved by a vote of 17-5. | THERECORD.MEDIA
30 Apr | OpenAI Rolls Out ‘Advanced’ Security Mode for At-Risk Accounts | OpenAI is rolling out Advanced Account Security for people concerned that their ChatGPT or Codex accounts could be potential targets of phishing attacks. | WIRED.COM
30 Apr | After dissing Anthropic for limiting Mythos, OpenAI restricts access to Cyber, too | OpenAI will begin rolling out its cybersecurity testing tool, GPT-5.5 Cyber only "to critical cyber defenders" at first. | TECHCRUNCH.COM
30 Apr | Great responsibility, without great power | In this week’s newsletter, Hazel uses International Superhero Day as a springboard to explore why empathy — rather than just technical prowess — is the most essential, underrated superpower for navigating the human side of cybersecurity. | TALOSINTELLIGENCE.COM
30 Apr | More PayPal emails hijacked to deliver tech support scams | We investigate how scammers are abusing PayPal’s systems to push victims into calling fake support numbers. | MALWAREBYTES.COM
30 Apr | One copy too many. | A critical Linux flaw dubbed “Copy Fail” raises alarm. The House moves to extend Section 702. The White House pushes back on expanded Mythos access. cPanel and SonicWall rush out security patches. Researchers warn AI agents may leak credentials. Smishing targets key industries. U… | THECYBERWIRE.COM
30 Apr | Anthropic's Mythos Has Landed: Here's What Comes Next for Cyber | In this latest installment of the Reporters' Notebook video series, we discuss how the new AI model threatens to completely upend cybersecurity, and what industry leaders are telling the press. | DARKREADING.COM
30 Apr | Congress punts FISA renewal to June | The latest House action came after the Senate declared the previous bill dead on arrival because it included a ban on the Federal Reserve’s ability to issue a digital currency. Instead, the upper chamber approved a 45-day extension by unanimous consent. | THERECORD.MEDIA